Built for Australian audit standards.
Audit firms answer to regulators, professional bodies and their own quality management — so the platform that holds their files has to clear the same bar. Here is how Audit Intelligence is put together.
Australian data residency
Customer data is Australian-resident at rest — database and file storage in Sydney (ap-southeast-2), with documents stored in APAC object storage.
Encryption everywhere
Data is encrypted in transit (TLS) and at rest. Evidence, working papers and exports are protected end to end.
Tenant isolation
Each firm is an isolated tenant with its own database schema. Cross-firm visibility does not exist at the infrastructure level.
SSO + two-factor
Microsoft and Google single sign-on, TOTP two-factor authentication, and hardened session handling.
Immutable audit trail
Every action is timestamped and retained — nothing deleted, only superseded. Files are retained for 7 years per ASIC and ASA requirements.
Role-based access
Seven audit roles from Graduate to Partner, plus EQR and read-only QA — every action permission-checked.
Separated support plane
The help desk and website enquiries run on a separate platform database that holds no tenant audit data — support staff cannot reach client files.
Operational discipline
Documented sub-processor register, incident-response runbook, security headers and least-privilege access as standing practice.
How that maps to your obligations.
The standards your firm already answers to, and what the platform does about each.
| Obligation | How Audit Intelligence complies |
|---|---|
| Privacy Act 1988 + APPs | Australian-resident data, encryption in transit and at rest, lawful collection and APP-aligned handling. |
| Notifiable Data Breaches (NDB) | Monitoring and alerting with an incident-response runbook — built to assess and notify within the statutory windows. |
| APES 320 / ASQM quality management | Quality-management records — review notes, sign-offs, gates — logged and retained as evidence. |
| ASIC + ASA record retention | Seven-year retention with the 60-day post-report file lock and archive lifecycle. |
| ASA 230 audit documentation | Immutable working papers with question-level history; nothing deleted, only superseded. |
The co-pilot is on the record too.
AI in Audit Intelligence assists — it never decides. Every suggestion cites its source data, every output waits for a qualified auditor's sign-off before it enters the file, and every interaction is written to the audit trail with the feature and model that produced it.
- No audit conclusions are automated — sign-off is human, always.
- AI usage is visible and reportable across the firm.
- See the product side on Security & the audit trail.
Security questions? Ask us directly.
We are happy to walk your firm through residency, retention and the audit trail in detail.
No credit card to start · Australian-resident data · Cancel anytime